]>
Commit | Line | Data |
---|---|---|
561803c0 | 1 | #!/usr/bin/env sh |
2 | ||
3 | #DEPLOY_DOCKER_CONTAINER_LABEL="xxxxxxx" | |
4 | #DOCKER_HOST=/var/run/docker.sock | tcp://localhost:8888 | |
5 | ||
6 | ||
7 | #DEPLOY_DOCKER_CONTAINER_KEY_FILE="/path/to/key.pem" | |
8 | #DEPLOY_DOCKER_CONTAINER_CERT_FILE="/path/to/cert.pem" | |
9 | #DEPLOY_DOCKER_CONTAINER_CA_FILE="/path/to/ca.pem" | |
10 | #DEPLOY_DOCKER_CONTAINER_FULLCHAIN_FILE="/path/to/fullchain.pem" | |
11 | #DEPLOY_DOCKER_CONTAINER_RELOAD_CMD="service nginx force-reload" | |
12 | ||
13 | _DEPLOY_DOCKER_WIKI="http://xxxxxx" | |
14 | ||
15 | _DOCKER_HOST_DEFAULT="/var/run/docker.sock" | |
16 | ||
17 | docker_deploy() { | |
18 | _cdomain="$1" | |
19 | _ckey="$2" | |
20 | _ccert="$3" | |
21 | _cca="$4" | |
22 | _cfullchain="$5" | |
23 | ||
24 | if [ -z "$DEPLOY_DOCKER_CONTAINER_LABEL" ]; then | |
25 | _err "The DEPLOY_DOCKER_CONTAINER_LABEL variable is not defined, we use this label to find the container." | |
26 | _err "See: $_DEPLOY_DOCKER_WIKI" | |
27 | fi | |
28 | ||
29 | _savedomainconf DEPLOY_DOCKER_CONTAINER_LABEL "$DEPLOY_DOCKER_CONTAINER_LABEL" | |
30 | ||
31 | if [ "$DOCKER_HOST" ]; then | |
32 | _saveaccountconf DOCKER_HOST "$DOCKER_HOST" | |
33 | fi | |
34 | ||
35 | if _exists docker && docker version | grep -i docker >/dev/null; then | |
36 | _info "Using docker command" | |
37 | export _USE_DOCKER_COMMAND=1 | |
38 | else | |
39 | export _USE_DOCKER_COMMAND= | |
40 | fi | |
41 | ||
42 | export _USE_UNIX_SOCKET= | |
43 | if [ -z "$_USE_DOCKER_COMMAND" ]; then | |
44 | export _USE_REST= | |
45 | if [ "$DOCKER_HOST" ]; then | |
46 | _debug "Try use docker host: $DOCKER_HOST" | |
47 | export _USE_REST=1 | |
48 | else | |
49 | export _DOCKER_SOCK="$_DOCKER_HOST_DEFAULT" | |
50 | _debug "Try use $_DOCKER_SOCK" | |
51 | if [ ! -e "$_DOCKER_SOCK" ] || [ ! -w "$_DOCKER_SOCK" ]; then | |
52 | _err "$_DOCKER_SOCK is not available" | |
53 | return 1 | |
54 | fi | |
55 | export _USE_UNIX_SOCKET=1 | |
56 | if ! _exists "curl"; then | |
57 | _err "Please install curl first." | |
58 | _err "We need curl to work." | |
59 | return 1 | |
60 | fi | |
61 | if ! _check_curl_version; then | |
62 | return 1 | |
63 | fi | |
64 | fi | |
65 | fi | |
66 | ||
67 | if [ "$DEPLOY_DOCKER_CONTAINER_KEY_FILE" ]; then | |
68 | _savedomainconf DEPLOY_DOCKER_CONTAINER_KEY_FILE "$DEPLOY_DOCKER_CONTAINER_KEY_FILE" | |
69 | fi | |
70 | ||
71 | if [ "$DEPLOY_DOCKER_CONTAINER_CERT_FILE" ]; then | |
72 | _savedomainconf DEPLOY_DOCKER_CONTAINER_CERT_FILE "$DEPLOY_DOCKER_CONTAINER_CERT_FILE" | |
73 | fi | |
74 | ||
75 | if [ "$DEPLOY_DOCKER_CONTAINER_CA_FILE" ]; then | |
76 | _savedomainconf DEPLOY_DOCKER_CONTAINER_CA_FILE "$DEPLOY_DOCKER_CONTAINER_CA_FILE" | |
77 | fi | |
78 | ||
79 | if [ "$DEPLOY_DOCKER_CONTAINER_FULLCHAIN_FILE" ]; then | |
80 | _savedomainconf DEPLOY_DOCKER_CONTAINER_FULLCHAIN_FILE "$DEPLOY_DOCKER_CONTAINER_FULLCHAIN_FILE" | |
81 | fi | |
82 | ||
83 | if [ "$DEPLOY_DOCKER_CONTAINER_RELOAD_CMD" ]; then | |
84 | _savedomainconf DEPLOY_DOCKER_CONTAINER_RELOAD_CMD "$DEPLOY_DOCKER_CONTAINER_RELOAD_CMD" | |
85 | fi | |
86 | ||
87 | _cid="$(_get_id "$DEPLOY_DOCKER_CONTAINER_LABEL")" | |
88 | _info "Container id: $_cid" | |
89 | if [ -z "$_cid" ]; then | |
90 | _err "can not find container id" | |
91 | return 1 | |
92 | fi | |
93 | ||
94 | if [ "$DEPLOY_DOCKER_CONTAINER_KEY_FILE" ]; then | |
95 | if ! _docker_cp "$_cid" "$_ckey" "$DEPLOY_DOCKER_CONTAINER_KEY_FILE"; then | |
96 | return 1 | |
97 | fi | |
98 | fi | |
99 | ||
100 | if [ "$DEPLOY_DOCKER_CONTAINER_CERT_FILE" ]; then | |
101 | if ! _docker_cp "$_cid" "$_ccert" "$DEPLOY_DOCKER_CONTAINER_CERT_FILE"; then | |
102 | return 1 | |
103 | fi | |
104 | fi | |
105 | ||
106 | if [ "$DEPLOY_DOCKER_CONTAINER_CA_FILE" ]; then | |
107 | if ! _docker_cp "$_cid" "$_cca" "$DEPLOY_DOCKER_CONTAINER_CA_FILE"; then | |
108 | return 1 | |
109 | fi | |
110 | fi | |
111 | ||
112 | if [ "$DEPLOY_DOCKER_CONTAINER_FULLCHAIN_FILE" ]; then | |
113 | if ! _docker_cp "$_cid" "$_cfullchain" "$DEPLOY_DOCKER_CONTAINER_FULLCHAIN_FILE"; then | |
114 | return 1 | |
115 | fi | |
116 | fi | |
117 | ||
118 | if [ "$DEPLOY_DOCKER_CONTAINER_RELOAD_CMD" ]; then | |
119 | if ! _docker_exec "$_cid" "$DEPLOY_DOCKER_CONTAINER_RELOAD_CMD"; then | |
120 | return 1 | |
121 | fi | |
122 | fi | |
123 | return 0 | |
124 | } | |
125 | ||
126 | #label | |
127 | _get_id() { | |
128 | _label="$1" | |
129 | if [ "$_USE_DOCKER_COMMAND" ]; then | |
130 | docker ps -f label="$_label" --format "{{.ID}}" | |
131 | elif [ "$_USE_REST" ]; then | |
132 | _err "Not implemented yet." | |
133 | return 1 | |
134 | elif [ "$_USE_UNIX_SOCKET" ]; then | |
135 | _req="{\"label\":[\"$_label\"]}" | |
136 | _debug2 _req "$_req" | |
137 | _req="$(printf "%s" "$_req" | _url_encode)" | |
138 | _debug2 _req "$_req" | |
139 | listjson="$(_curl_unix_sock "${_DOCKER_SOCK:-$_DOCKER_HOST_DEFAULT}" GET "/containers/json?filters=$_req")" | |
140 | _debug2 "listjson" "$listjson" | |
141 | echo "$listjson" | tr '{,' '\n' | grep -i '"id":' | _head_n 1 | cut -d '"' -f 4 | |
142 | else | |
143 | _err "Not implemented yet." | |
144 | return 1 | |
145 | fi | |
146 | } | |
147 | ||
148 | #id cmd | |
149 | _docker_exec() { | |
150 | _eargs="$@" | |
151 | _debug2 "_docker_exec $_eargs" | |
152 | _dcid="$1" | |
153 | shift | |
154 | if [ "$_USE_DOCKER_COMMAND" ]; then | |
155 | docker exec -i "$_dcid" $@ | |
156 | elif [ "$_USE_REST" ]; then | |
157 | _err "Not implemented yet." | |
158 | return 1 | |
159 | elif [ "$_USE_UNIX_SOCKET" ]; then | |
160 | _cmd="$@" | |
161 | _cmd="$(printf "$_cmd" | sed 's/ /","/g')" | |
162 | _debug2 _cmd "$_cmd" | |
163 | #create exec instance: | |
164 | cjson="$(_curl_unix_sock "$_DOCKER_SOCK" POST "/containers/$_dcid/exec" "{\"Cmd\": [\"$_cmd\"]}")"; | |
165 | _debug2 cjson "$cjson" | |
166 | execid="$(echo "$cjson" | cut -d '"' -f 4)" | |
167 | _debug execid "$execid" | |
168 | ejson="$(_curl_unix_sock "$_DOCKER_SOCK" POST "/exec/$execid/start" "{\"Detach\": false,\"Tty\": false}")"; | |
169 | _debug2 ejson "$ejson" | |
170 | else | |
171 | _err "Not implemented yet." | |
172 | return 1 | |
173 | fi | |
174 | } | |
175 | ||
176 | #id from to | |
177 | _docker_cp() { | |
178 | _dcid="$1" | |
179 | _from="$2" | |
180 | _to="$3" | |
181 | _info "Copying file from $_from to $_to" | |
182 | _dir="$(dirname "$_to")" | |
183 | _docker_exec "$_dcid" mkdir -p "$_dir" | |
184 | if [ "$_USE_DOCKER_COMMAND" ]; then | |
185 | cat "$_from" | _docker_exec "$_dcid" tee "$_to" >/dev/null | |
186 | if [ "$?" = "0" ]; then | |
187 | _info "Success" | |
188 | return 0 | |
189 | else | |
190 | _info "Error" | |
191 | return 1 | |
192 | fi | |
193 | elif [ "$_USE_REST" ]; then | |
194 | _err "Not implemented yet." | |
195 | return 1 | |
196 | elif [ "$_USE_UNIX_SOCKET" ]; then | |
197 | _frompath="$_from" | |
198 | if _startswith "$_frompath" '/'; then | |
199 | _frompath="$(echo "$_from" | cut -b 2- )" #remove the first '/' char | |
200 | fi | |
201 | _debug2 "_frompath" "$_frompath" | |
202 | _toname="$(basename "$_to")" | |
203 | _debug2 "_toname" "$_toname" | |
204 | if ! tar --transform="s,$_frompath,$_toname," -cz "$_from" 2>/dev/null | _curl_unix_sock "$_DOCKER_SOCK" PUT "/containers/$_dcid/archive?noOverwriteDirNonDir=1&path=$(printf "%s" "$_dir" | _url_encode)" '@-' "Content-Type: application/octet-stream"; then | |
205 | _err "copy error" | |
206 | return 1 | |
207 | fi | |
208 | return 0 | |
209 | else | |
210 | _err "Not implemented yet." | |
211 | return 1 | |
212 | fi | |
213 | ||
214 | } | |
215 | ||
216 | #sock method endpoint data content-type | |
217 | _curl_unix_sock() { | |
218 | _socket="$1" | |
219 | _method="$2" | |
220 | _endpoint="$3" | |
221 | _data="$4" | |
222 | _ctype="$5" | |
223 | if [ -z "$_ctype" ]; then | |
224 | _ctype="Content-Type: application/json" | |
225 | fi | |
226 | _debug _data "$_data" | |
227 | _debug2 "url" "http://localhost$_endpoint" | |
228 | if [ "$_CURL_NO_HOST" ]; then | |
229 | _cux_url="http:$_endpoint" | |
230 | else | |
231 | _cux_url="http://localhost$_endpoint" | |
232 | fi | |
233 | ||
234 | if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then | |
235 | curl -vvv --silent --unix-socket "$_socket" -X $_method --data-binary "$_data" --header "$_ctype" "$_cux_url" | |
236 | else | |
237 | curl --silent --unix-socket "$_socket" -X $_method --data-binary "$_data" --header "$_ctype" "$_cux_url" | |
238 | fi | |
239 | ||
240 | } | |
241 | ||
242 | _check_curl_version() { | |
243 | _cversion="$(curl -V | grep '^curl ' | cut -d ' ' -f 2)" | |
244 | _debug2 "_cversion" "$_cversion" | |
245 | ||
246 | _major="$(_getfield "$_cversion" 1 '.')" | |
247 | _debug2 "_major" "$_major" | |
248 | ||
249 | _minor="$(_getfield "$_cversion" 2 '.')" | |
250 | _debug2 "_minor" "$_minor" | |
251 | ||
252 | if [ "$_major$_minor" -lt "740" ]; then | |
253 | _err "curl v$_cversion doesn't support unit socket" | |
254 | return 1 | |
255 | fi | |
256 | if [ "$_major$_minor" -lt "750" ]; then | |
257 | _debug "Use short host name" | |
258 | export _CURL_NO_HOST=1 | |
259 | else | |
260 | export _CURL_NO_HOST= | |
261 | fi | |
262 | return 0 | |
263 | } | |
264 |